BTS HelpDesk: 503-823-5199
111 SW Columbia St, Suite 400, Portland, OR 97201
Over the last 2 years, The City of Portland has rolled out a new-to-us control to protect city information from physical device theft or loss. This control meets requirements in our various compliance standards and is required in our policies.
The City of Portland must meet the following compliance standards:
Each of those have requirements to protect their information/data while it is "at rest" or stored on a computer system. Having Bitlocker on all workstations and laptops ensures the City meets requirements for each of the above standards.
Bitlocker is a software product provided by Microsoft on all Windows 10 machines. Bitlocker encrypts the whole computer's storage device (hard drive). The only way to extract the information in a Bitlocker encrypted device is to decrypt it by supplying the Bitlocker key (which is done by the hardware device), then supply a valid username and password to the computer.
Encryption is used to scramble the information such that no-one can read or use the information unless they know the secret key to decrypt the information first. Bitlocker ensures only authorized City employees can access the keys.
Other vendors have done the same thing within their systems. Some examples:
What happens if the City loses the key? Well, the data is lost. This is one reason why BTS requires all data to be stored on servers and not workstations. If someone loses a workstation or laptop, the City does not want to lose City information.
The City has experienced a number of issues with BitLocker, where the system stops accessing the key and BTS has to manually intervene and sometimes replace the hardware. In these cases, there can be hours where the City user cannot access their computer or do work. BTS is working with Microsoft and our hardware vendor to resolve these issues.